Employees sacked for ID card data breach

Tuesday, August 04, 2009

The database in question holds data on 92 million people in the U.K. About 200,000 people have access to it. If they cannot adequately secure the database from misuse by employees, well……. Nine local authority workers have been sacked after illegally accessing personal details of the public held on the government’s national identity database.

In total, 34 council workers were found to have illegally accessed the Customer Information System (CIS) database, part of a linked-up network of systems which constitute the government’s planned national identity database.

So how much is acceptable? Is evidence of 34 people misusing the database evidence that the system needs better security, or is it an acceptable level of risk?

A DWP spokesman told Computer Weekly: “The small number of incidents shows that the CIS security system is working and is protected by several different audit and monitoring controls, which actively manage and report attempts at unauthorised or inappropriate access.”